
Compendium Article 6: The Digital Guardian - Securing Information and Systems in the 21st Century


 


Network Protection

   Safeguarding confidential and sensitive information


    Information and system security are vital for the success of any business or organization. To maintain a competitive edge as technology advances and the digital world becomes more interconnected, it is essential to safeguard private and sensitive information against unauthorized access and theft. Businesses must take a proactive approach to increase information and system security by developing a customized information security policy, developing secure and manageable passwords, remaining current on the latest technology security threats and vulnerabilities, configuring network security measures to prevent unauthorized access, infiltration, and data theft, and installing anti-virus software and other malware protection on all company-owned devices. This paper will present basic information on the importance of information and system security in today's digital age, as well as practical advice and methods for businesses seeking to strengthen their security procedures and secure their sensitive data.


Security Flaws in Computer Systems


    Security is a legitimate concern with computers because both software and hardware may contain flaws that hackers may exploit. During our social activity on the ping network command, we noticed that it is a good instrument for assessing whether a host is accessible on an IP network and for measuring packet round-trip time. Ping, however, can also be used for a damaging "ping flood" cyberattack. This sort of attack involves sending a large number of ping requests to the target machine or network in an attempt to render it inoperable. In 1998, Yahoo Chat was a popular social networking website. Over time, more people began using the service to communicate with others worldwide. As time progressed, some individuals wanted to exert their influence on social media for their own purposes; hence, they worked out how to dominate chatrooms entirely by disabling the computers of those whose ideas did not align with theirs. These attacks, known as ping attacks, represented one of the most elementary stages of hacking.


    Computer security vulnerabilities include, but are not limited to, security holes, viruses, email spam, phishing, and the capacity to crack passwords. Cyberattacks, email spam, and phishing scams are instances of computer system vulnerabilities. While spam and phishing may fill inboxes with unpleasant messages, only phishing actively aims to steal login information and other sensitive data. Spam is a marketing strategy that sends unsolicited emails to extensive databases of recipients. Phishing, which aims to trick a user into divulging sensitive information, is more destructive than spam (Spam vs. phishing - what's the, n.d.). Both vulnerabilities merit a more in-depth analysis and a quick explanation of social engineering, given that they both employ it to some degree.


Email Spam


    Cybercriminals increasingly utilize email spam and phishing scams to steal personal information, money, and identities. These frauds are not only illegal but also potentially deadly. Since its emergence in the 1990s, the Internet has been rife with cons. Internet frauds cost individuals and businesses hundreds of billions annually (Vahid & Lysecky, 2022).


    Harmful software distribution and phishing scams frequently occur via unsolicited or undesired emails, also known as "spam." Spam is unsolicited electronic mail. The majority of spam promotes products or websites (often porn sites). Approximately 5% are used to distribute phishing or malware (like viruses). In 2014, 50–80 percent of all Internet email traffic was spam (Vahid & Lysecky, 2022). Spam emails are unsolicited bulk emails (UBEs) sent without permission to advertise unlawful pharmaceuticals, illegal goods, and pornographic material (Gangavarapu et al., 2020). The McKinsey Global Institute discovered that individuals devote 28% of their workweek (650 hours per year) to reading and responding to emails. SaneBox's internal analytics revealed that 38% of emails, or 11% of the workweek, are relevant and essential. The Danwood Group found that it takes 64 seconds to recover from an email interruption and return to work at the same time, which decreases productivity, particularly for irrelevant UBEs. According to Kaspersky Lab, UBE email volume decreased by 50% in 2015 for the first time since 2003 (from three to six million). Billions of significant spam and phishing botnets were eliminated (Gangavarapu et al., 2020). 2015 saw a rise in UBE volume due to the conclusion of machine learning in spam and phishing emails. The Kaspersky spam investigation also uncovered an increase in spam email attachments, including potentially dangerous macros, malware, ransomware, and JavaScript. In March 2016, UBE volume doubled to 22,890,956. The Internet Security Threat Report (ISTR) indicated that the percentage of spam emails had climbed to 55% (2% more than in 2015 (52.7%) and 2016 (53.4%)). Spam and phishing are steadily increasing. According to the ISTR, the 2017 global phishing rate was approximately 1 in 2,995, and the number of phishing-related URLs increased by 182.6%, accounting for 5.8% (1 in 224) of all problematic URLs (Gangavarapu et al., 2020). 
It is concerning that spam emails waste bandwidth, time, and money, which makes their proliferation an issue (Gangavarapu et al., 2020).


Phishing Scams

    

    Spam is undesired, whereas phishing is malevolent (Spam vs. phishing - what's the, n.d.). A phishing message typically appears to originate from a trustworthy sender. Phishing is an attack that utilizes email, phone, and text messaging to steal passwords and credit card information. The term "phishing" is derived from the Haxor, or L33T Speak, spelling of the word "fishing." According to this terminology's logic, an attacker uses "bait" to entice a victim before "fishing" for the personal information they aim to steal (Alabdan, 2020). The most common phishing tactic involves sending a user an email that appears to come from a reputable organization, such as PayPal, Amazon, Bank of America, UPS, the government, or the user's place of employment. Modern email programs such as Gmail and Yahoo route most of these emails to spam folders, but some slip through (Vahid & Lysecky, 2022). The Federal Bureau of Investigation (FBI) estimated that phishing caused a total financial loss of USD 48,241,748 in 2018, with 26,379 victims (Alabdan, 2020). As we have shown, phishing is capable of causing considerable financial harm and even threatens the shutdown of crucial economic infrastructure. Alabdan describes phishing in depth. According to their paper, phishing had a role in the first successful cyberattack against a power grid, which occurred in December 2015 in Ukraine. The IT and network administrators of Ukrainian power distribution firms were targeted by spear phishing attacks. An infected Microsoft Word document activated macros. After the user clicked the button, the macro installed BlackEnergy3, which gave attackers a backdoor.


    Consequently, thirty substations were shut down, leaving 230,000 individuals without electricity for six hours. Even educated IT professionals often cannot recognize the dangers of a well-planned and executed phishing assault (Alabdan, 2020). The majority of phishing attempts target financial institutions (e.g., banks); nonetheless, assaults against government entities must be addressed, despite being less targeted (Gangavarapu et al., 2020).


Phishing attacks proceed in phases, summarized as follows:

1.      Planning—determining targets, gathering information, and choosing attack instruments and approaches (such as emails with malicious links and the spoof sites these links direct to).

2.      Phishing—using Stage 1 resources to phish targets.

3.      Infiltration—depending on the approach, this step involves the target's reaction and obtaining personal information.

4.      Data gathering and exploitation—the phisher collects and uses the information to meet the goals set during preparation. Attackers imitate victims to access accounts, etc. Online black-market sales of personal data are also frequent.

5.      Exfiltration—finally, the phisher removes as much evidence as possible (such as the deletion of fake sites). The attack's success and future attacks may be analyzed. (Alabdan, 2020).

    Vectors are so called because they depend on the medium employed by the attacker and serve as the path for phishing attacks. These include Smishing (SMS/text phishing), Vishing (voice phishing over the phone), email (the most prevalent), Efaxing (websites that use IP to transfer faxes), IM, social networks, websites, and Wi-Fi attacks (Alabdan, 2020). The popularity of social networking sites where user accounts are hacked and used to promote other frauds, such as joining a cryptocurrency scheme, is rising. Utilizing the victim's emotions, gullibility, charity, or trust to achieve a desired end is referred to as social engineering. Phishers and cybercriminals employ social engineering (Alabdan, 2020). It is one of the most versatile technological methods because it does not require a specific medium or vector. It has been defined as "the art and science of persuading others to agree with your wishes," and there is no unique defensive technique. Impersonating employees is crucial to social engineering because being in a position of authority enhances the likelihood of the victim falling for the manipulation; for example, a victim is more likely to reveal their password to an IT employee than to a stranger. Hoaxing entails convincing the victim that something fake is genuine, frequently causing them to act out of fear. Reverse social engineering is the most malicious and needs much forethought. Since the assailant appears to be in a position of power or authority, the victim approaches them to inquire and voluntarily provides their personal information (Alabdan, 2020).

    

    The ultimate goal of a social engineering attack is to prevent the target from acting logically and instead rely on emotions that can be manipulated. This includes sentiments such as Gluttony, Fear, Anger, Patriotism, Friendship, Responsibility, Belonging, Authority, Philanthropy, and Vanity (Alabdan, 2020). By leveraging these emotions and preventing the target from behaving logically, a phisher can persuade a target to act rashly and collect sensitive information (Alabdan, 2020).


Prevention-Based Measures


    The likelihood that a computer system contains a security defect that a hacker can exploit is proportionate to the system's software and hardware deficiencies. The failure to patch known vulnerabilities, inadequate testing and shoddy coding are three possible root causes of these problems.

Businesses must apply patches and upgrade to the most recent versions of software and hardware to close any security gaps. Conduct routine vulnerability scans to detect issues as quickly as possible and implement corrective measures. Every computer and mobile device should be equipped with the most up-to-date anti-virus software, and staff should be taught the necessity of not opening emails from unknown senders. By implementing spam filters, which delete unwanted communications from incoming emails, and training users to recognize and avoid phishing scams, organizations can enhance their security against spam emails. To prevent hackers from cracking passwords, firms should install two-factor authentication and require users to have complex, unique passwords.

Phishing emails typically contain misspellings, inconsistent link wording, URLs, personal information requests, email forms, and strong language (Spam vs. phishing - what's the, n.d.). In addition, you can defend yourself against phishing attempts by recognizing the typical warning signals of phishing scams and avoiding sending personal information over email. Always check the sender's website to verify the authenticity of an email, refuse messages from unknown senders, use unique passwords, and keep your anti-virus software up-to-date (Spam vs. phishing - what's the, n.d.).
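Some of the warning signals listed above can be checked mechanically. The following Python sketch is an added example, not code from this post or its cited sources; it flags link text that names a different host than the link target, requests for personal information, and strong language. The keyword lists, the names `phishing_signals` and `LinkCollector`, and the sample message are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumed keyword lists, constructed for illustration.
TEXT_SIGNALS = {
    "personal_info_request": re.compile(r"\b(password|credit card|account number|pin)\b", re.I),
    "strong_language": re.compile(r"\b(urgent|immediately|suspended|final notice)\b", re.I),
}
HOST_IN_TEXT = re.compile(r"(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})", re.I)

# Constructed sample message (hosts use the reserved .test TLD).
SAMPLE = ('<p>URGENT: confirm your password at '
          '<a href="http://login.example-pay.test/v">www.examplebank.test</a></p>')


class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs and the plain text of an HTML body."""
    def __init__(self):
        super().__init__()
        self.links, self.text, self._href, self._buf = [], [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._buf = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        self.text.append(data)
        if self._href is not None:
            self._buf.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._buf).strip()))
            self._href = None


def _host(name):
    # Treat "www.example.test" and "example.test" as the same host.
    return re.sub(r"^www\.", "", name.lower())


def phishing_signals(html_body):
    """Return the sorted warning signals found in an HTML email body."""
    parser = LinkCollector()
    parser.feed(html_body)
    signals = set()
    for href, shown in parser.links:
        real = _host(urlparse(href).hostname or "")
        named = HOST_IN_TEXT.search(shown)
        # Link text names one host while the href points at another.
        if named and real and _host(named.group(1)) != real:
            signals.add("link_mismatch")
    body = " ".join(parser.text)
    signals.update(name for name, rx in TEXT_SIGNALS.items() if rx.search(body))
    return sorted(signals)
```

Calling `phishing_signals(SAMPLE)` reports all three signals, while a message whose link text matches its target and contains none of the keywords returns an empty list.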


    Information and system security are crucial to the success of any business. To maintain a competitive advantage as technology advances and the digital world becomes more interconnected, it is essential to safeguard private and sensitive data. Developing unique information security protocols and passwords, remaining current on the latest technical security threats and vulnerabilities and implementing network security measures to prevent unauthorized access are examples of best practices.






References

Alabdan, R. (2020). Phishing attacks survey: Types, vectors, and technical approaches. Future Internet, 12(10), 168. https://doi.org/10.3390/fi12100168

Gangavarapu, T., Jaidhar, C. D., & Chanduka, B. (2020). Applicability of machine learning in spam and phishing email filtering: Review and approaches. Artificial Intelligence Review, 53(7), 5019–5081. https://doi.org/10.1007/s10462-020-09814-9

Spam vs. phishing - what's the. Webroot. (n.d.). Retrieved January 29, 2023, from https://www.webroot.com/us/en/resources/tips-articles/spam-vs-phishing

Vahid, F., & Lysecky, S. (2022, July 26). Computing technology for all. zyBooks. Retrieved January 17, 2023, from https://www.zybooks.com/catalog/computing-technology-for-all/
